Just nu i M3-nätverket
Jump to content

Långsam dator


TobbeH

Recommended Posts

Skickar med en loggfil om det är någon som kan se om det är nåt fel

Mvh Tobbe

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:03:09, on 2009-11-19

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\DllHost.exe

C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\Program\HPQ\IAM\bin\asghost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\msdtc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Storegate\Autostore\AutoStoreSvc.exe

C:\Program\Symantec AntiVirus\DefWatch.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\IObit\IObit Security 360\IS360srv.exe

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

C:\Program\Delade filer\LightScribe\LSSrvc.exe

C:\Program\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\Program\Microsoft IntelliPoint\point32.exe

C:\Program\SYMANT~1\vptray.exe

C:\Program\Hp\HP Software Update\HPWuSchd2.exe

C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program\Telia\Supportassistent\bin\sprtsvc.exe

C:\WINDOWS\SMINST\Scheduler.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\IObit\Advanced SystemCare 3\AWC.exe

C:\Program\Storegate\Autostore\AutoStore.exe

C:\Program\Symantec AntiVirus\Rtvscan.exe

C:\Program\Viewpoint\Common\ViewpointService.exe

C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\alg.exe

C:\Program\hpq\Shared\HPQTOA~1.EXE

C:\Program\IObit\IObit Security 360\is360.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://uk.search.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://uk.search.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program\IObitCom\tbIObi.dll

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program\IObitCom\tbIObi.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program\HPQ\IAM\Bin\ItIeAddIN.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program\IObitCom\tbIObi.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [intelliPoint] "C:\Program\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [iObit Security 360] C:\Program\IObit\IObit Security 360\IS360tray.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [vptray] C:\Program\SYMANT~1\\vptray.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [scheduler] C:\WINDOWS\SMINST\Scheduler.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program\IObit\Advanced SystemCare 3\AWC.exe" /startup

O4 - HKCU\..\Run: [Reg Tool] C:\Program\Reg Tool\Reg Tool.exe -boot

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Telia AutoStore.lnk = C:\Program\Storegate\Autostore\AutoStore.exe

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (file missing)

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://spinpalace.microgaming.com/spinpalace/FlashAX.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - https://sakerlagring.telia.se/user/Files/Cabs/ImageUploader4.cab

O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab

O20 - Winlogon Notify: OneCard - C:\Program\HPQ\IAM\Bin\AsWlnPkg.dll

O23 - Service: AutoStore - Storegate AB - C:\Program\Storegate\Autostore\AutoStoreSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program\Symantec AntiVirus\DefWatch.exe

O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program\HPQ\Shared\hpqwmi.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: IS360service - IObit - C:\Program\IObit\IObit Security 360\IS360srv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program\Delade filer\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program\Symantec AntiVirus\SavRoam.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: SupportSoft Sprocket Service (telia) (sprtsvc_telia) - SupportSoft, Inc. - C:\Program\Telia\Supportassistent\bin\sprtsvc.exe

O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program\Delade filer\SupportSoft\bin\ssrc.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program\Symantec AntiVirus\Rtvscan.exe

O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program\Viewpoint\Common\ViewpointService.exe

 

--

End of file - 11778 bytes[/log]

 

 

Link to comment
Share on other sites

Hej! Hittar inte Malwarebytes nåt när du skannar med den?

Mvh Laston

 

 

"Using Malwarebytes´ Anti-Malware is like bringing an M4 to a knife fight."

 

Link to comment
Share on other sites

Surfa till http://www.virustotal.com (fungerar bäst med Internet Explorer) klistra in följande filnamn i rutan,

C:\WINDOWS\system32\userinit.exe

tryck på Skicka Fil och vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in resultatet från de olika antivirusprogrammen (inte Övrig information) här.

 

Avinstallera denna toolbar; IObitCom Toolbar

http://www.systemlookup.com/CLSID/64008-tbIObi_dll_tbIObO_dll_tbIOb1_dll.html

 

Mvh Laston

 

Link to comment
Share on other sites

Här är resultatet

 

D5: 317799a2e42b5ea048a8a70f482cba9f

First received: 2009.02.15 17:47:00 UTC

Datum 2009.11.07 16:24:05 UTC [>12D]

Resultat 0/41

Permalink: analisis/8412ebd8bd424648725ad778ede540f678a42d8af36ec0c1f344cb51ca52d6a1-1257611045

 

Tobbe

 

Link to comment
Share on other sites

Ok här kommer rätt

[log]a-squared 4.5.0.41 2009.11.19 -

AhnLab-V3 5.0.0.2 2009.11.19 -

AntiVir 7.9.1.72 2009.11.19 -

Antiy-AVL 2.0.3.7 2009.11.19 -

Authentium 5.2.0.5 2009.11.19 -

Avast 4.8.1351.0 2009.11.19 -

AVG 8.5.0.425 2009.11.19 -

BitDefender 7.2 2009.11.19 -

CAT-QuickHeal 10.00 2009.11.19 -

ClamAV 0.94.1 2009.11.19 -

Comodo 2983 2009.11.19 -

DrWeb 5.0.0.12182 2009.11.19 -

eSafe 7.0.17.0 2009.11.19 -

eTrust-Vet 35.1.7131 2009.11.19 -

F-Prot 4.5.1.85 2009.11.19 -

F-Secure 9.0.15370.0 2009.11.17 -

Fortinet 3.120.0.0 2009.11.19 -

GData 19 2009.11.19 -

Ikarus T3.1.1.74.0 2009.11.19 -

Jiangmin 11.0.800 2009.11.19 -

K7AntiVirus 7.10.900 2009.11.19 -

Kaspersky 7.0.0.125 2009.11.19 -

McAfee 5807 2009.11.19 -

McAfee+Artemis 5807 2009.11.19 -

McAfee-GW-Edition 6.8.5 2009.11.19 -

Microsoft 1.5302 2009.11.19 -

NOD32 4623 2009.11.19 -

Norman 6.03.02 2009.11.19 -

nProtect 2009.1.8.0 2009.11.19 -

Panda 10.0.2.2 2009.11.18 -

PCTools 7.0.3.5 2009.11.19 -

Prevx 3.0 2009.11.19 -

Rising 22.22.03.09 2009.11.19 -

Sophos 4.47.0 2009.11.19 -

Sunbelt 3.2.1858.2 2009.11.19 -

Symantec 1.4.4.12 2009.11.19 -

TheHacker 6.5.0.2.074 2009.11.19 -

TrendMicro 9.0.0.1003 2009.11.19 -

VBA32 3.12.12.0 2009.11.19 -

ViRobot 2009.11.19.2045 2009.11.19 -

VirusBuster 5.0.21.0 2009.11.19 - [/log]

 

Lagt till LOG-taggar

När du har klistrat in en logg eller annat längre textstycke så var vänlig och markera loggen och tryck sedan på LOG-knappen som finns på samma rad som :thumbsdown::thumbsup: i inläggsfönstret.

Cecilia - Moderator för Virus, skadliga program & botemedel

 

[inlägget ändrat 2009-11-19 22:21:49 av Cecilia]

Link to comment
Share on other sites

Hmm gamla versioner av Norton är ju kända resursslukare så vilken version har du,dessa ska ju uppgraderas gratis om du har giltig licens!

 

Mvh Laston

 

Link to comment
Share on other sites

ok,ska jag skaffa avast istället??

 

Regtool har jag tagit bort,laddade hem den förut ikväll,men tog bort den samtidigt med iobit

 

MVH TOBBE

 

 

 

Link to comment
Share on other sites

Tjena nu har jag installerat avast & tagit bort norton men nån större skillnad blev det inte :( det enda som jag kunnat se skillnad på är att det är lite mera minne ledigt.

Men det går lika långsamt när man ska öppna webbläsaren eller nåt annat program,så vad göra ????

 

Mvh Tobbe

 

Link to comment
Share on other sites

Hej här kommer Malwareresultatet

Malwarebytes' Anti-Malware 1.41

Databasversion: 3201

Windows 5.1.2600 Service Pack 3

 

2009-11-20 12:08:21

mbam-log-2009-11-20 (12-08-21).txt

 

Skanningstyp: Fullständig skanning (C:\|)

Antal skannade objekt: 240652

Förfluten tid: 1 hour(s), 0 minute(s), 1 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 0

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

(Inga illasinnade poster hittades)

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

(Inga illasinnade poster hittades)

 

Infekterade filer:

(Inga illasinnade poster hittades)

 

 

 

[inlägget ändrat 2009-11-20 12:21:47 av TobbeH]

Link to comment
Share on other sites

Hej

Tror jag löste det genom att köra chkdsk & samtidigt söka & rätta till fel

 

Datorn blev betydligt mycket snabbare efter det :)

 

Så jag tackar så mycket för hjälpen

 

Mvh Tobbe

 

Link to comment
Share on other sites

Om chkdsk hittade fel så kan det bero på att hårddisken håller på och går sönder så var noga med säkerhetskopior.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...